@matrix With such urgent patch update calls, please make sure to mention the version numbers of the releases in which the vulnerability has been fixed. At least for the apps that you are responsible for, or are aware of.

I did not find any version numbers anywhere in your communication, not even in the very extensive news post. Without these version numbers it's impossible to check whether a package upgrade on a certain distro has patched the issue or not. Distros could be behind.